Verification techniques for enhanced security

ABSTRACT

In an example, a method includes obtaining an expected biological sample value at a computing device. The expected biological sample value indicates an expected concentration of a material biologically processed by a courier. The computing device determines whether the measured biological sample value is associated with the courier based on a comparison of the expected biological sample value to the measured biological sample value. The method also includes determining a particular set of operations to be performed at the computing device based on a result of the comparison.

I. FIELD OF THE DISCLOSURE

The present disclosure relates generally to verification techniques forenhanced security.

II. BACKGROUND

In certain applications, highly sensitive algorithms, data, and/or otherprogram elements are stored, developed, and housed within non-volatilememory elements. In certain other applications, hardware (e.g., thenon-volatile memory elements), processing components, or other circuitrymay be considered sensitive. There may be a concern that some sensitiveelements (e.g., hardware or software) could be accessed and thus havetheir security compromised. In order to avoid data loss and/or securitybreaches, mechanisms may be employed to detect intrusion attempts or tootherwise increase a level of difficulty associated with unauthorizedaccess.

Although sensitive elements may be housed in a secure (and possiblyguarded) facility during use, spare parts, prototype parts, parts to berepaired, etc. may be stored and transported in less secure locations.Accordingly, storage and transport of such secure elements presentsparticular challenges.

III. SUMMARY OF THE DISCLOSURE

According to an embodiment, a method includes obtaining an expectedbiological sample value at a computing device (e.g., reading from amemory of the computing device, receiving via input at the computingdevice, or calculated at the computing device). The expected biologicalsample value indicates an expected concentration of a materialbiologically processed by a courier. The computing device determineswhether the measured biological sample value is associated with thecourier based on a comparison of the expected biological sample value tothe measured biological sample value. The method also includesdetermining, at the computing device, a particular set of operations tobe performed based on a result of the comparison.

According to another embodiment, a method includes obtaining, at a firstcomputing device, an expected value to be measured for a secondcomputing device (e.g., an expected concentration of a volatile materialor an expected number of particle emissions). The method includesdetermining, at the first computing device, whether a measured value isassociated with the second computing device based on a comparison of theexpected value to the measured value. The method further includesdetermining, at the first computing device, a particular set ofoperations to be performed based on a result of the comparison.

According to another embodiment, an apparatus is disclosed. Theapparatus includes a biological analysis component and a controlcomponent. The biological analysis component is configured to obtain anexpected biological sample value. The expected biological sample valueindicates an expected concentration of a material biologically processedby a courier. The biological analysis component is further configured todetermine whether a measured biological sample value is associated withthe courier based on a comparison of the expected biological samplevalue to the measured biological sample value. The control component isconfigured to perform a first set of operations based on the result ofthe comparison indicating that the measured biological sample value isassociated with the courier. The control component is configured toperform a second set of operations based on the result of the comparisonindicating that the measured biological sample value is outside anacceptable range of the biological sample value.

One advantage of the present disclosure is the ability to provideadditional layer(s) of security when transporting sensitive hardwareand/or sensitive data to a destination location (e.g., a securelocation). In some cases, additional security may be provided byverifying an identity of a courier at a destination location bycomparing a measured biological sample value to an expected biologicalsample value for the courier (e.g., based on a metabolic profile of thecourier). Alternatively or additionally, hardware security may beenhanced by comparing a measured value (e.g., a measured volatilematerial concentration value or a measured number of particle emissions)to an expected value (e.g., when located within a particular range of acomputing device that is configured to off-gas a volatile material or toemit particles, such as alpha particles).

Features and other benefits that characterize embodiments are set forthin the claims annexed hereto and forming a further part hereof. However,for a better understanding of the embodiments, and of the advantages andobjectives attained through their use, reference should be made to theDrawings and to the accompanying descriptive matter.

IV. BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating an example of a system ofidentity verification based on a comparison of a measured biologicalsample value to an expected biological sample value for a courier,according to a particular embodiment;

FIG. 2 is a diagram illustrating an example of expected(courier-specific) biological measurement values over time for use inidentity verification, according to a particular embodiment;

FIG. 3 is a block diagram illustrating an example of a system ofidentity verification based on a comparison of a measured value (e.g., ameasured volatile material concentration value) to an expected value(e.g., a volatile material concentration value that is expected to bemeasured when located within a particular range of a computing device),according to a particular embodiment;

FIG. 4 is a diagram illustrating an example of expected volatilematerial concentration values over time for use in identityverification, according to a particular embodiment;

FIG. 5 is a flow diagram illustrating a particular embodiment of amethod of identity verification based on a comparison of a measuredbiological sample value to an expected biological sample value for acourier;

FIG. 6 is a flow diagram illustrating a particular embodiment of amethod of identity verification based on a comparison of a measuredvalue (e.g., a measured volatile material concentration value) to anexpected value (e.g., a volatile material concentration value that isexpected to be measured when located within a particular range of acomputing device); and

FIG. 7 is a block diagram of an exemplary computer system operable tosupport embodiments of computer-implemented methods, computer programproducts, and system components as illustrated in FIGS. 1-6.

V. DETAILED DESCRIPTION

The present disclosure relates to providing additional layer(s) ofsecurity when transporting sensitive hardware and/or sensitive data to adestination location (e.g., a secure location). Additional layer(s) ofsecurity may be appropriate in various contexts. For example, in theevent that an electronic device with sensitive hardware componentsand/or sensitive data (e.g., commercial, industrial, or militarydevices) is intentionally or inadvertently obtained by an unauthorizedparty, the unauthorized party may have access to sensitive information.

In some cases, additional security may be provided by verifying anidentity of an individual (referred to herein as a “courier”) at adestination location by comparing a measured biological sample value toa biological sample value that is expected to be measured for thecourier. As an example, using one or more materials (that are ingestedor otherwise administered to the courier) along with the metabolicprofile of the courier, a biological sample measurement device (e.g., a“lab-on-chip” device) may be utilized to verify an identity of thecourier as well as an elapsed time since the material(s) wereadministered to the courier.

In a particular example, multiple “layers” of identity verificationtechniques may be utilized. For example, a biometric security device(e.g., a fingerprint scanner or retinal imager) may represent a firstlayer of security, an oximeter (e.g., to verify that the courier isalive) may represent a second layer of security, and the biologicalsample measurement device may represent a third layer of security.Sensitive data may be secure until the courier's identity is verifiedusing each layer of security.

Numerous materials may be selected for administration to the courier(also referred to herein as “ingested” materials). For example, thecourier may orally ingest the material (or multiple materials, referredto herein as a “metabolic cocktail”), or the material may be otherwiseadministered to the courier, such as via inhalation or absorption.Examples of ingested material(s) include glucose, asparagusic acid,erythropoietin (EPO), or a medical radioisotope, among otheralternatives. Prior to transit, a baseline metabolic clearance window(also referred to herein as a “baseline metabolic profile”) for theparticular courier may be determined. For example, the rate at which thecourier metabolizes one or more of the ingested materials may bedetermined and saved as the baseline for the courier. A materialconcentration may change due to various kinds of biological activity(e.g., chemical conversion or uptake), excretion (e.g., urination,exhalation, etc.). In some cases, the courier biologically processes aningested material (e.g., glucose), and a concentration of anothermaterial (e.g., insulin) may be used. In other cases, the courierbiologically processes an ingested material (e.g., erythropoietin (EPO)or a medical radioisotope) by excreting the same material.

Following ingestion of the material(s), the courier's body may beginbiologically processing the material(s). The courier may follow apredetermined travel protocol to a destination site (e.g., a hardwareinstallation site). At the hardware installation site, the couriersubmits to biological sampling (e.g., blood, urine, or breath) forcomparison to an expected result (e.g., based on the baseline metabolicprofile for the courier). In some cases, a lab-on-chip device may beused to analyze the biological sample and may compare a result to theexpected result. If the results match (e.g., within an allowed errormargin), access to sensitive hardware and/or sensitive data may beenabled. If the results do not match (e.g., within the allowed errormargin), the sensitive hardware may be disabled, the sensitive data maybe removed/erased, access to the sensitive data may be restricted, or acombination thereof (among other alternative operations to be performedin the event of a mismatch).

Alternatively or additionally, a lab-on-chip device may be transportedby the courier. The lab-on-chip device may be “mated” to a specificsensitive hardware item (e.g., a blade server for use at a secure datacenter). In some cases, the specific sensitive hardware item may includeone or more volatile materials (e.g., a volatile organic compound (VOC)or multiple VOCs) with known volatility information that may be used todetermine expected volatile material concentration value(s) to bemeasured at particular times. Alternatively or additionally, in somecases, the specific sensitive hardware item may include one or moremedical radioisotopes (e.g., alpha particle emitters) with knownhalf-life information that may be used to determine expected particleemission value(s) to be measured at particular times (e.g., an expectednumber of alpha particle emissions). While the present disclosuredescribes examples of volatile material(s) being used for hardwareidentity verification, it will be appreciated that similar methods maybe employed to verify a hardware item based on particle emissionvalue(s), such as alpha particle emission value(s). Illustrative,non-limiting examples of alpha particle emitters used in nuclearmedicine include 225 actinium (Ac) with a known half-life of 10.0 days,and 223 radium (Ra) with a known half-life of 11.435 days. Alternativeand/or additional emissive material(s) or a combination of emissivematerials may be used.

In the case of volatile materials, the sensitive hardware item may beconfigured to off-gas a specific compound (or mixture) that can bedetected by the lab-on-chip device. This may be accomplished usingvarious methods. As an example, an appropriate compound (or mixture)with known volatility may be selected. An off-gassing rate of thecompound with known volatility may be kinetically controlled, and anelapsed transit time (of the courier or the sensitive hardware item) maybe determined. Once the lab-on-chip device is within a particular rangeof the sensitive hardware item, the lab-on-chip device detects thevolatile compound and a concentration of the volatile compound prior toproviding the courier with access to the sensitive hardware item. If thelab-on-chip device does not detect the expected sensitive hardware itemor does not detect the expected volatile compound/concentration, thelab-on-chip device may perform a set of operations. For example, thelab-on-chip device may render itself inoperative, render the sensitivehardware item inoperative, and/or disable/remove particular sensitivedata, among other alternatives.

Referring to FIG. 1, a block diagram of a particular embodiment of asystem 100 of identity verification based on a comparison of a measuredbiological sample value to an expected biological sample value isillustrated and is generally designated 100. In the example of FIG. 1, abaseline metabolic profile for a courier 102 is determined for one ormore ingested materials. After establishing the baseline metabolicprofile, the courier 102 ingests a material (or multiple materials) at aparticular time before travelling to a destination location. Thebaseline metabolic profile for the courier 102 may be used to determinea biological sample value that is expected to be measured for thecourier 102 at a later time. An identity of the courier 102 may beverified based on a comparison of the expected biological sample valueto a measured biological sample value. In some cases, a lab-on-chipdevice may be used to analyze a blood sample, a urine sample, or abreath sample for comparison to an expected biological sample value forthe courier 102. In other cases, a device at the second location 108 maycalculate the expected biological sample value for the courier 102 basedon the baseline metabolic profile for the courier 102.

In the particular embodiment illustrated in FIG. 1, the system 100includes a computing device 104 (identified as “Sensitive Hardware” inFIG. 1) to be transported from a first location 106 (identified as“Location(1)” in FIG. 1) to a second location 108 (identified as“Location(2)” in FIG. 1). In other cases, the computing device 104 maybe transported from another location to the second location 108. Afacilitator 110 (e.g., a laboratory technician) may administer and/orverify that the courier 102 has ingested one or more materials 112(identified as “Ingested Material(s)” in FIG. 1) at a first time 114(identified as “Time To” in FIG. 1) at the first location 106. Thefacilitator 110 may utilize a facilitator device 120 to input courierinformation 122, ingested material information 124, and an ingestiontime 126 (e.g., the first time 114). FIG. 1 illustrates thatcourier-specific metabolic information 128 may include a baselinemetabolic profile for particular ingested material(s). As describedfurther herein with respect to FIG. 2, the courier-specific metabolicinformation 128 may include expected biological measurements for thecourier 102 over time. Based on the particular ingested material(s) 112and the courier-specific metabolic information 128, the facilitatordevice 120 may generate one or more expected biological sample values130 for the courier 102. As described above, the expected biologicalsample value(s) 130 may include an expected concentration of theingested material(s) 112, an expected concentration of metabolite(s) ofthe ingested material(s) 112, or a combination thereof.

In the example illustrated in FIG. 1, the computing device 104 includesa memory 140, a biological sample measurement component 142 (identifiedas “Lab-on-Chip Device” in FIG. 1), and at least one control component(illustrated in FIG. 1 as an enable logic component 144 and a disablelogic component 146). While FIG. 1 illustrates individual components ofthe computing device 104 as separate blocks, in other cases multiplecomponents may be integrated into a single component. As an example, theenable logic component 144 and/or the disable logic component 146 may bestored in the memory 140. As another example, the lab-on-chip device 142may include the enable logic component 144 and the disable logiccomponent 146 (and optionally the memory 140). Further, the computingdevice 104 may include additional hardware components (e.g., aprocessor) and/or software components that are not shown in the exampleillustrated in FIG. 1. The computing device 104 is configured to receivethe expected biological sample value(s) 130 from the facilitator device120 and to store the value(s) 130 in the memory 140.

In the illustrative example of FIG. 1, the computing device 104 istransported from the first location 106 to the second location 108. Insome cases, the courier 102 may transport the computing device 104(e.g., a “blade” server or other hardware component). In other cases,the computing device 104 and the courier 102 may travel separately tothe second location 108. Further, while FIG. 1 illustrates one examplein which the computing device 104 travels from the first location 106 tothe second location 108, in other cases the computing device 104 may beshipped or otherwise transported from another location to the secondlocation 108. To illustrate, while not shown in the example of FIG. 1,the expected biological sample value(s) 130 (or the baseline metabolicprofile for the courier 102) may be communicated from the facilitatordevice 120 to the computing device 104 via a secure network.

FIG. 1 illustrates that the courier 102 may interact with the computingdevice 104 at the second location 108 at a second time 150 (identifiedas “T_(N)” in FIG. 1). In cases where the courier 102 transports thecomputing device 104 from the first location 106 to the second location108, the courier 102 and the computing device 104 may arrive at thesecond location 108 at the same time (e.g., the second time 150). Incases where the computing device 104 is shipped or otherwise transportedto the second location 108 by one or more individuals other than thecourier 102, the courier 102 and the computing device 104 may arrive atdifferent times. In either case, the computing device 104 receivesinformation regarding a biological sample value that is expected to bemeasured for the courier 102 at the second time 150.

FIG. 1 illustrates that the computing device 104 may be a blade serverto be installed at the second location 108 (e.g., a secure location,such as a data center, a military facility, a vehicle, etc.). In thisexample, the computing device 104 is to be inserted into a server rack152 for operation at the second location 108. In other examples, thecomputing device 104 may include one or more other hardware and/orsoftware components (e.g., spare parts, etc.) to be operated at thesecond location 108. To verify that an individual that attempts toaccess/operate the computing device 104 at the second location 108 isthe courier 102, a biological sample 154 (or multiple biologicalsamples) may be submitted for analysis. In the example illustrated inFIG. 1, the computing device 104 includes the lab-on-chip device 142 toreceive the biological sample 154 for analysis. In other cases, a secondfacilitator at the second location 108 (not shown in FIG. 1) may receivethe biological sample 154 and submit the biological sample 154 foranalysis and comparison to an expected biological sample value for thecourier 102.

In the example of FIG. 1, the lab-on-chip device 142 is disposed withinor otherwise communicatively coupled to the computing device 104. Thelab-on-chip device 142 is configured to analyze the biological sample154 to generate a measured biological sample value at the second time150 for comparison to the expected biological sample value(s) 130 storedin the memory 140. Different sets of operations may be performed basedon a result of the comparison. For example, the enable logic component144 may be configured to enable the courier 102 to operate the computingdevice 104 when the result of the comparison indicates that the measuredbiological sample value is associated with the courier 102 (e.g., amatch within an allowed error margin). In some cases, the courier 102may be transporting sensitive information to be provided to thecomputing device 104, and the enable logic component 144 may allow thecourier 102 to operate the computing device 104 in order to access thesensitive information. As an example, one or more hardware and/orsoftware operations may be disabled at the computing device 104, and thecourier 102 may be transporting information to enable the hardwareand/or software operations. Alternatively or additionally, particulardata (e.g., sensitive data) may be stored in the memory 140 of thecomputing device 104, and the enable logic component 144 may beconfigured to enable access to the data upon verification of theidentity of the courier 102.

As another example, the disable logic component 146 may be configured todisable access to the computing device 104 when the result of thecomparison indicates that the measured biological sample value isdifferent from the expected biological sample value 130. In some cases,particular data (e.g., sensitive data) may be stored in the memory 140of the computing device 104, and the disable logic component 146 may beconfigured to disable access to the sensitive data stored in the memory140. In other cases, the disable logic component 146 may be configuredto remove/erase the sensitive data from the memory 140. As a furtherexample, the disable logic component 146 may be configured to disableaccess to another computing device (e.g., a second computing device inthe server rack 152), to disable access to sensitive data stored atanother computing device, or to remove/erase sensitive data stored atanother computing device.

It will be appreciated that various sets of operations may be performeddepending on a sensitivity level of data stored in the memory 140 of thecomputing device 104 and/or a sensitivity level of other data stored inother computing devices at the second location 108 (e.g., in the serverrack 152), among other alternatives. Further, while not illustrated inFIG. 1, other security component(s) may be utilized at the secondlocation 108 for additional layer(s) of identity verification. Asillustrative, non-limiting examples, a biometric security device (e.g.,a fingerprint reader, a retinal scanner, etc.), a pulse oximeter, ahardware security device (e.g., a badge, a key fob, etc.), or acombination thereof may be utilized as additional identity verificationcomponent(s).

In operation, FIG. 1 illustrates a particular embodiment in which a“baseline” metabolic profile is determined for the courier 102 beforeadministration of the material(s) 112 to the courier 102. As differentindividuals may process different materials at different rates, themetabolic profile may represent a courier-specific rate at whichparticular material(s) are biologically processed by the courier 102. Inthe present disclosure, the baseline metabolic profile for the courier102 is used for subsequent identity verification operations. Asdescribed further herein with respect to FIG. 2, the concentrationvalues that are measured for the courier 102 over a particular period oftime after ingestion of the material(s) 112 may be used to generate thebaseline metabolic profile that represents a “metabolic fingerprint” forthe courier 102 for identity verification purposes.

As an illustrative example, in order to determine a baseline metabolicprofile for the courier 102, the courier 102 may ingest a particularmaterial (or a combination of multiple materials), such as glucose orasparagusic acid, among other alternatives. In this example, a bloodanalysis component may be used to dynamically monitor a concentration ofglucose and/or asparagusic acid over a particular time period followingingestion. As another example, the courier 102 may submiturine/blood/breath samples at various times, and baseline metabolicprofile values for various times may be estimated based on the samplevalues and the sample collection times. In some cases, the baselinemetabolic profile for the courier 102 may be determined based on“normal” activity levels that may be expected for the courier 102 (e.g.,during an expected travel time from the first location 106 to the secondlocation 108).

The courier 102 may be instructed to observe a particular travelprotocol when travelling to the second location 108. As an example, thebaseline metabolic profile for the courier 102 may include measuredbiological sample values for the courier 102 when the courier 102 isfasting. To illustrate, in order to generate the baseline metabolicprofile, the courier 102 may be instructed to consume no food or drinkfor a particular period of time (e.g., 12 hours) prior to the baselinemetabolic profile testing. When the baseline metabolic profile is beingdetermined for the courier 102, the courier 102 may consume no food ordrink for a particular period of time after the material(s) 112 areadministered. The fasting period may be a period of time that isexpected to be sufficient to allow the courier 102 to travel to thesecond location 108 and to submit the biological sample 154. In thisexample, the courier 102 may be instructed to observe the same protocolwhile travelling as the courier 102 followed during generation of thebaseline metabolic profile (e.g., no food or drink after administrationof the material(s) 112) until the courier 102 provides the biologicalsample 154. It will be appreciated that alternative methods ofgenerating baseline metabolic profile(s) and/or travel protocol(s) maybe used to reduce a likelihood that a measured biological sample valuefor the courier 102 significantly varies from an expected biologicalsample value for the courier 102.

Alternatively or additionally, the ingested material(s) 112 may includeone or more materials that may represent “abnormal” materials that wouldnot typically be detected in human biological samples. As an example,the ingested material(s) 112 may include EPO or a medical radioisotope.In some cases, such materials may reduce complexity associated withidentity verification for the courier 102. To illustrate, when theingested material(s) 112 include a single “abnormal” material, such asEPO, the expected biological sample value 130 may identify EPO, whileexpected concentration value(s) of EPO for the courier 102 may beoptional. While the use of such a binary test for an “abnormal” materialmay provide benefits in terms of reduced complexity, the reducedcomplexity may increase risk associated with an unauthorized individualattempting to “spoof” the identity of the courier 102. Accordingly, insome cases, the ingested material(s) 112 may represent a metabolic“cocktail” that may include multiple materials in order to reduce alikelihood of an unauthorized individual being able to successfully“spoof” the identity of the courier 102. An example of a metabolic“cocktail” may include at least one “normal” material (e.g., glucose,asparagusic acid, etc.) with associated courier-specific metabolicinformation 128 and at least one “abnormal” material (e.g., a medicalradioisotope, EPO, etc.). Another example of a metabolic “cocktail” mayinclude a combination of multiple “normal” materials with associatedcourier-specific metabolic information 128 that may represent anuncommon set of materials to be detected in a biological sample.

The courier 102 ingests the material(s) 112 at the first time 114 (timeT₀). The facilitator 110 provides the courier information 122, theingested material information 124, and the ingestion time 126 to thefacilitator device 120. In cases where the ingested material(s) 112include at least one material with courier-specific metabolicinformation 128, the expected biological sample value(s) 130 that aregenerated by the facilitator device 120 may include multiple expectedconcentrations at multiple times after the ingestion time 126 (asillustrated in the example of FIG. 2). The expected biological samplevalue(s) 130 are stored in the memory 140 of the computing device 104.While FIG. 1 illustrates the computing device 104 as being located atthe first location 106 at the time of ingestion of the material(s) 112,it will be appreciated that the computing device 104 may be located atanother location (including the second location 108 or a third locationthat is not shown in FIG. 1).

The courier 102 departs for the second location 108 after ingesting thematerial(s) 112. As explained above, the courier 102 observes aparticular travel protocol until the courier 102 provides the biologicalsample 154 at the second location 108. In a particular example, multiple“layers” of identity verification techniques may be utilized to verifythe identity of the courier 102 at the second location 108. For example,while not shown in the example of FIG. 1, a biometric security device(e.g., a fingerprint scanner or retinal imager) may represent a firstlayer of identity verification for the courier 102, an oximeter (e.g.,to verify that the individual submitting the biological sample 154 isalive) may represent a second layer of identity verification for thecourier 102, and the lab-on-chip device 142 may represent a third layerof identity verification for the courier 102. Sensitive data (e.g., datastored at the memory 140 of the computing device 104) may be secureuntil the identity of the courier 102 is verified using each layer ofsecurity. Once the identity of the courier 102 is verified, thesensitive data can be downloaded via use of an appropriate algorithm.

As an illustrative, non-limiting example, when the computing device 104is a blade server (as shown in the example of FIG. 1), the courier 102may insert the computing device 104 into the server rack 152 and poweron the computing device 104. In some cases, powering on the computingdevice 104 may activate the lab-on-chip device 142. The courier 102 maysubmit the biological sample 154 for analysis by the lab-on-chip device142. The lab-on-chip device 142 determines a measured biological samplevalue (or multiple values) based on the biological sample 154 that issubmitted and compares the measured biological sample value(s) to theexpected biological sample value(s) 130 that may be stored in the memory140 of the computing device 104. If the lab-on-chip device 142determines that the results match (e.g., within an allowed errormargin), the lab-on-chip device 142 may provide a first signal to theenable logic component 144. Responsive to the first signal, the enablelogic component 144 may perform a first set of operations. For example,the enable logic component 144 may enable access to sensitive data thatis stored at the memory 140 of the computing device 104 (among otheralternative operations). If the lab-on-chip device 142 determines thatthe results do not match (e.g., within the allowed error margin), thelab-on-chip device 142 may provide a second signal to the disable logiccomponent 146. Responsive to the second signal, the disable logiccomponent 146 may perform a second set of operations. For example, thedisable logic component 146 may disable access to sensitive data that isstored at the memory 140 of the computing device 104. As anotherexample, the disable logic component 146 may disable the computingdevice 104, remove/erase the sensitive data from the memory 140 of thecomputing device 104, or a combination thereof (among other alternativeoperations).

Thus, FIG. 1 illustrates an example of providing additional layer(s) ofsecurity when transporting sensitive hardware and/or sensitive data to adestination location (e.g., a secure location). Additional layer(s) ofsecurity may be appropriate in various contexts. For example, in theevent that an electronic device with sensitive hardware componentsand/or sensitive data (e.g., commercial, industrial, or militarydevices) is intentionally or inadvertently obtained by an unauthorizedparty, the unauthorized party may have access to sensitive information.In the particular embodiment illustrated in FIG. 1, an additional layerof security may be provided by verifying an identity of a courier at adestination location by comparing a measured biological sample value toa biological sample value that is expected to be measured for thecourier based on a metabolic profile of the courier.

FIG. 2 is a diagram 200 illustrating examples of expected(courier-specific) biological measurement values over time for use inidentity verification. In some cases, the expected courier-specificbiological measurement values of FIG. 2 may correspond to the expectedbiological sample value(s) 130 for the courier 102 of FIG. 1. Toillustrate, the expected values illustrated in FIG. 2 may be stored inthe memory 140 of the computing device 104 of FIG. 1 for identityverification of the courier 102 at the second location 108.

In the particular embodiment illustrated in FIG. 2, an expected(courier-specific) biological measurement value 202 is illustrated on aY axis, and time 204 is illustrated on an X axis. It will be appreciatedthat the graphical representation of FIG. 2 is for illustrated purposesand that the expected biological sample value(s) 130 that are stored inthe memory 140 of the computing device 104 may not be stored in agraphical format. In FIG. 2, an expected courier-specific biologicalmeasurement value 206 at time T_(N) (e.g., the second time 150 ofFIG. 1) is illustrated. FIG. 2 further illustrates that, in some cases,a margin of error may be allowed for the expected value 206 (as shown bythe circular range) to be considered a match for a measured value (e.g.,a measured value associated with the biological sample 154).

Thus, FIG. 2 illustrates that an expected biological sample value (ormultiple values) for a particular courier at a particular rate that mayrepresent a courier-specific “metabolic fingerprint” for identityverification purposes. To illustrate, the values illustrated as afunction of time in FIG. 2 may correspond to the expected biologicalsample value(s) 130 for the courier 102 of FIG. 1. As the expectedbiological sample value(s) 130 for the courier 102 are stored in thememory 140 of the computing device 104, a measured biological samplevalue based on the biological sample 154 that is submitted at aparticular time (e.g., the second time 150) may be compared to a valuethat is expected at the particular time (e.g., the expected value 206illustrated in FIG. 2).

FIG. 3 is a block diagram that illustrates a particular embodiment of asystem 300 of hardware device identity verification based on acomparison of a measured volatile material concentration value to avolatile material concentration value that is expected to be measuredwithin a particular range of a computing device. In FIG. 3, a computingdevice 304 (identified as “Sensitive Hardware” in FIG. 3) is configuredto control an off-gassing rate of one or more volatile materials. Acourier 302 may transport a measurement device (e.g., a lab-on-chipdevice 332 to compare a measured value (e.g., a measured volatilematerial concentration value) to a value (e.g., a volatile materialconcentration value) that is expected to be measured when thelab-on-chip device 332 is located within a particular range of thecomputing device 304. While FIG. 3 illustrates an example of usingvolatile material(s), such as one or more VOCs, for hardware identityverification, it will be appreciated that alternative/additionalmaterial(s) such as alpha particle emitter(s) used for nuclear medicinemay be used. The identity of the computing device 304 may be verifiedbased on a result of the comparison. As described further herein withrespect to FIG. 4, volatile material concentration values that areexpected to be measured over time for the computing device 304 may bestored at a memory 334 of the lab-on-chip device 332 of the courier 302for hardware device verification (or at another memory of anotherdevice).

In the particular embodiment illustrated in FIG. 3, the computing device304 (e.g., a blade server) is transported to a second location 308(identified as “Location(2)” in FIG. 3) for installation. In some cases,the computing device 304 may be transported from a first location 306(identified as “Location(1)” in FIG. 3) to the second location 308. Inother cases, the computing device 304 may be transported to the secondlocation 308 from a third location that is different from the firstlocation 306. In the example of FIG. 3, a facilitator 310 utilizes afacilitator device 320 to input volatile material information 322,concentration information 324, and departure time information 326 forthe courier 302 (e.g., a first time 314, identified as “Time To” in FIG.3). Based on the volatile material information 322 and the concentrationinformation 324, the facilitator device 320 may generate one or moreexpected volatile material concentration values 330 to be stored in thememory 334 of the lab-on-chip device 332 to be transported by thecourier 302 from the first location 306 to the second location 308.Alternatively, while not shown in the example of FIG. 3, the one or moreexpected volatile material concentration values 330 may be sent to adevice at the second location 308 (e.g., via a secure network) for useby the courier 302 in verifying the identity of the computing device304.

In the example illustrated in FIG. 3, the computing device 304 includesa memory 340 and a volatile material 346 (or multiple volatilematerials). In a particular embodiment, the volatile material 346 mayinclude a volatile organic compound (VOC) or multiple VOCs.Illustrative, non-limiting examples of VOCs include formaldehyde,d-Limonene, toluene, acetone, ethanol (ethyl alcohol), 2-propanol(isopropyl alcohol), hexanol, or a combination thereof, among otheralternatives. In the particular embodiment illustrated in FIG. 3, thevolatile material 346 is disposed within a housing of the computingdevice 304. Alternatively, the volatile material 346 may be storedseparately from the computing device 304 at the second location 308(e.g., in a gas cylinder). To illustrate, while not shown in the exampleof FIG. 3, the computing device 304 may further include flow controllogic that is communicatively coupled to a flow regulator (not shown) tocontrol a flow rate (e.g., an “out-gassing” rate) of volatile material346 (e.g., an inert gas, such as a noble gas, or a mixture of variousgases, among other alternatives). In this case, the flow control logicmay control a flow rate of the volatile material 346 such that ameasured volatile material concentration value within a particular rangeof the computing device 304 matches the expected volatile materialconcentration value(s) 330 that are provided to the volatile materialmeasurement component 332 that is transported by the courier 302. As anillustrative, non-limiting example, the courier 302 may be instructed toposition the lab-on-chip device 332 at an exhaust port of a regulator(not shown) to ensure that the “particular range” is satisfied formeasurement purposes. It will be appreciated that the computing device304 may include additional hardware components (e.g., a processor)and/or software components that are not shown in the example illustratedin FIG. 3.

The computing device 304 is configured to receive the departure time 326from the facilitator device 320 and to store the departure time 326 inthe memory 340. In some cases, the computing device 304 (e.g., a “blade”server or other hardware component) and the courier 302 may travelseparately to the second location 308. In some cases, the computingdevice 304 may be transported from the first location 306 to the secondlocation 308. In this case, the departure time 326 may be communicatedfrom the facilitator device 320 to the computing device 304 for storagein the memory 340 before the computing device 304 is transported fromthe first location 306 to the second location 308.

FIG. 3 illustrates that the courier 302 may interact with the computingdevice 304 at the second location 308 at a second time 350 (identifiedas “T_(N)” in FIG. 1). FIG. 3 illustrates that the computing device 304may be a blade server to be installed at the second location 308 (e.g.,a secure location, such as a data center, a military facility, avehicle, etc.). In this example, the computing device 304 is to beinserted into a server rack 352 for operation at the second location308. In other examples, the computing device 304 may include one or moreother hardware and/or software components (e.g., spare parts, etc.) tobe operated at the second location 308. For hardware identityverification, the lab-on-chip device 332 transported by the courier 302to the second location 308 is used to measure a volatile materialconcentration value within a particular range of the computing device304. In the example of FIG. 3, the lab-on-chip device 332 is configuredto generate a measured volatile material concentration value at thesecond time 350 for comparison to the expected volatile materialconcentration value(s) 330 stored in the memory 334 of the lab-on-chipdevice 332.

FIG. 3 illustrates that, in some cases, the courier 302 may betransporting sensitive information to be provided to the computingdevice 304. The lab-on-chip device 332 may be configured to provide anindication (e.g., audible, visual, or tactile feedback) to the courier302 in order to indicate to the courier 302 a result of the comparison.Thus, in some cases, the lab-on-chip device 332 may be used by thecourier 302 for hardware identity verification before the courier 302provides the sensitive information. In some cases, the sensitiveinformation may be stored in the memory 334 of the lab-on-chip device332. In other cases, as illustrated in the example of FIG. 3, thecourier 302 may provide sensitive data 354 to the computing device 304(e.g., via a keyboard or other input device that is not shown in FIG.3). Thus, FIG. 3 illustrates an example in which the measured volatilematerial concentration value at the second time 350 matches the materialconcentration value 330 that is expected to be measured at the secondtime 350 (within a particular range of the computing device 304).

In some cases, the courier 302 may determine, based on a result of thecomparison indicating an unexpected volatile material concentrationvalue, that the sensitive data 354 should not be provided. In caseswhere the sensitive data 354 is stored in the memory 334 of thelab-on-chip device 332, the sensitive data 354 may be (automatically)rendered inaccessible or may be (automatically) removed/deleted from thememory 334 when the measured volatile material concentration representsan unexpected material and/or concentration (e.g., via logic stored atthe lab-on-chip device 332, not shown in FIG. 3). Further, while notillustrated in the example of FIG. 3, in the event that the sensitivedata 354 is pre-loaded into the memory 340 of the computing device 304(e.g., prior to being transported to the second location 308), thesensitive data 354 may be (automatically) rendered inaccessible or maybe (automatically) removed/deleted from the memory 340 when the measuredvolatile material concentration represents an unexpected material and/orconcentration (e.g., via logic stored at the lab-on-chip device 332, notshown in FIG. 3).

It will be appreciated that various sets of operations may be performeddepending on a sensitivity of particular data (e.g., the sensitive data354) and/or a sensitivity of other data stored in other computingdevices at the second location 308 (e.g., in the server rack 352), amongother alternatives. Further, while not illustrated in FIG. 3, othersecurity component(s) may be utilized at the second location 308 foradditional layer(s) of identity verification. As illustrative,non-limiting examples, a biometric security device (e.g., a fingerprintreader, a retinal scanner, etc.), a pulse oximeter, a hardware securitydevice (e.g., a badge, a key fob, etc.), or a combination thereof may beutilized as additional identity verification component(s).

Thus, FIG. 3 illustrates another example of providing additionallayer(s) of security when transporting sensitive hardware and/orsensitive data to a destination location (e.g., a secure location). Inthe particular embodiment illustrated in FIG. 3, hardware security maybe enhanced by comparing a measured volatile material concentrationvalue to a volatile material concentration value that is expected to bemeasured within a particular range of a computing device that isconfigured to off-gas the volatile material. While not shown in theexamples of FIG. 1 and FIG. 3, it will be appreciated that a combinationof the two verification methods may be utilized in some embodiments (foradded security). To illustrate, the courier identity verificationillustrated in FIG. 1 may be combined with the hardware verificationillustrated in FIG. 3. Thus, the present disclosure contemplatesenhanced security based on a “metabolic fingerprint” of a courier aswell as enhanced security based on a “volatile material fingerprint” ofa computing device.

FIG. 4 is a diagram 400 illustrating examples of expected volatilematerial concentration values over time for use in hardware identityverification. In some cases, the expected volatile materialconcentration values of FIG. 4 may correspond to the expected volatilematerial concentration value(s) 330 of FIG. 3. To illustrate, theexpected values illustrated in FIG. 4 may be stored at the volatilematerial measurement component 332 (e.g., the lab-on-chip device) ofFIG. 3 for hardware identity verification of the computing device 304 atthe second location 308.

In the particular embodiment illustrated in FIG. 4, an expected volatilematerial concentration value 402 is illustrated on a Y axis, and time404 is illustrated on an X axis. It will be appreciated that thegraphical representation of FIG. 4 is for illustrated purposes and thatthe expected volatile material concentration value(s) 330 that arestored at the volatile material measurement component 332 (e.g., thelab-on-chip device) of FIG. 3 may not be stored in a graphical format.In FIG. 4, an expected volatile material concentration value 406 at timeT_(N) (e.g., the second time 350 of FIG. 3) is illustrated. FIG. 4further illustrates that, in some cases, a margin of error may beallowed for the expected value 406 (as shown by the circular range) tobe considered a match for a measured value (e.g., a volatile materialconcentration value that is measured within a particular range of thecomputing device 304).

Thus, FIG. 4 illustrates that an expected volatile materialconcentration value for a particular computing device that is programmedto off-gas a volatile material (or multiple materials) at a particularrate may represent a device-specific “volatile material fingerprint” forhardware identification purposes. To illustrate, the values illustratedas a function of time in FIG. 4 may correspond to the expected volatilematerial concentration value(s) 330 for the computing device 304 of FIG.3. The expected volatile material concentration value(s) 330 for thecomputing device 304 are stored at a volatile material measurementcomponent 332 (e.g., a lab-on-chip device) that is transported by thecourier 302. As such, a measured volatile material concentration valuethat is measured by the lab-on-chip device of the courier 302 at aparticular time (e.g., the second time 350) may be compared to a valuethat is expected at the particular time (e.g., the expected value 406illustrated in FIG. 4).

FIG. 5 is a flow diagram that illustrates a particular embodiment of amethod 500 of identity verification based on a comparison of a measuredbiological sample value to a biological sample value that is expected tobe measured for a courier. FIG. 5 illustrates an example of providing anadditional layer of security for an electronic device with sensitivehardware components and/or sensitive data (e.g., commercial, industrial,or military devices). In FIG. 5, the additional layer of securityincludes verifying an identity of a courier at a destination location bycomparing a measured biological sample value to a biological samplevalue that is expected to be measured for the courier based on ametabolic profile of the courier.

The method 500 includes identifying a courier, at 502. For example,referring to FIG. 1, the facilitator 110 may identify the courier 102,and the facilitator 110 may provide the courier information 122 via thefacilitator device 120. In other cases, one or more biometricidentification devices may be used to verify the identity of the courier102. The method 500 includes administering a “metabolic cocktail” to thecourier, at 504. For example, referring to FIG. 1, the facilitator 110may administer the material(s) 112 to the courier 102 (e.g., viaingestion, absorption, or inhalation). The facilitator 120 provides theingested material information 124 and the ingestion time 126 via thefacilitator device 120, and the facilitator device 120 determines theexpected biological sample value(s) 130 for the courier 102 based on thecourier-specific metabolic information 128 (e.g., a predeterminedbaseline metabolic profile for the courier 102 as previously described).FIG. 1 illustrates that the expected biological sample value(s) 130 forthe courier 102 may be stored in the memory 140 of the computing device104.

At 506, the courier travels from the first location to a second location(e.g., a secure location, such as a hardware installation site). Forexample, referring to FIG. 1, the courier 102 travels from the firstlocation 106 (after ingesting the material(s) 112 at the first time 114)to the second location 108. At 508, the courier powers on operatinghardware, and a lab-on-chip device on the operating hardware isinitiated. For example, referring to FIG. 1, the courier 102 may poweron the computing device 104, and the lab-on-chip device 142 of thecomputing device 104 is initiated.

At 510, the lab-on-chip device compares an expected metabolicconcentration based on time in transit to that in the courier. Forexample, referring to FIG. 1, the lab-on-chip device 142 of thecomputing device 104 receives the biological sample 154 (atapproximately the second time 150), determines a measured biologicalsample value based on the biological sample 154, and compares themeasured biological sample value to the expected biological samplevalue(s) 130 stored in the memory 140. As further described herein withrespect to FIG. 2, the value 206 (at time T_(N)) may represent a valuethat is expected for the courier 102 at the second time 150.

FIG. 5 illustrates that the method 500 includes performing a first setof operations (e.g., enabling the system) when the metabolicconcentration is as expected, at 512. For example, referring to FIG. 1,the lab-on-chip device 142 of the computing device 104 may send a firstsignal to the enable logic component 144 to provide an indication thatthe measured biological sample value represents a match for an expectedbiological sample value for the courier 102. As described furtherherein, the enable logic component 144 may perform a first set ofoperations in response to receiving the first signal from thelab-on-chip device 142. As an illustrative example, the enable logiccomponent 144 may provide access to particular data (e.g., sensitivedata) that is stored in the memory 140 of the computing device 104,among other alternative/additional operations.

FIG. 5 illustrates that the method 500 includes performing a second setof operations (e.g., disabling the system, erasing sensitive data, etc.)when the metabolic concentration is not as expected, at 514. Forexample, referring to FIG. 1, the lab-on-chip device 142 of thecomputing device 104 may send a second signal to the disable logiccomponent 146 to provide an indication that the measured biologicalsample value does not represent a match for an expected biologicalsample value for the courier 102. As described further herein, thedisable logic component 146 may perform a second set of operations inresponse to receiving the second signal from the lab-on-chip device 142.In the particular embodiment illustrated in FIG. 5, the method 500further includes erasing sensitive data when the metabolic concentrationis not as expected. In alternative embodiments, the disable logiccomponent 146 may perform one or more alternative and/or additionaloperations.

Thus, FIG. 5 illustrates that an additional layer of security may beprovided by verifying an identity of a courier at a destination locationby comparing a measured biological sample value to a biological samplevalue that is expected to be measured for the courier based on ametabolic profile of the courier. In the event that an electronic devicewith sensitive hardware components and/or sensitive data (e.g.,commercial, industrial, or military devices) is intentionally orinadvertently obtained by an unauthorized party, the additional layer ofsecurity associated with courier identity verification may reduce alikelihood of an unauthorized party being able to access sensitiveinformation.

FIG. 6 is a flow diagram that illustrates a particular embodiment of amethod 600 of identity verification based on a comparison of a measuredvolatile material concentration value to a volatile materialconcentration value that is expected to be measured within a particularrange of a computing device. FIG. 6 illustrates an example of providingan additional layer of security when transporting sensitive hardwareand/or sensitive data to a destination location (e.g., a securelocation). In FIG. 6, the additional layer of security is provided by alab-on-chip device (or other volatile material measurement component)that is transported by a courier. An identity of a computing device maybe verified based on a result of a comparison (by the lab-on-chipdevice) of a measured volatile material concentration value to avolatile material concentration value that is expected to be measuredwithin a particular range of the computing device.

The method 600 includes providing a lab-on-chip device to a courier, at602. For example, referring to FIG. 3, the facilitator 310 may providethe lab-on-chip device 332 to the courier 302. As shown in FIG. 3, thefacilitator 310 may provide the volatile material information 322, theconcentration information 324, and the departure time 326 (e.g., TimeTo) via the facilitator device 320. The facilitator device 320 generatesthe expected volatile material concentration value(s) 330 that arestored at the memory 334 of the lab-on-chip device 332 prior to thecourier 302 departing from the first location 306. Alternatively, theexpected volatile material concentration value(s) 330 may be provided toa device at the second location 308 (e.g., via a secure network). Insome cases, the computing device 304 may determine an off-gas rate basedon the departure time 326. In other cases, the facilitator device 320may communicate the expected volatile material concentration value(s)330 to the computing device 304 (e.g., for use by flow control logic toadjust a regulator in order to off-gas the volatile material 346 at anexpected concentration/rate).

At 604, the courier travels from a first location to a second location(e.g., a secure location, such as a hardware installation site). Forexample, referring to FIG. 3, the courier 302 travels from the firstlocation 306 to the second location 308. At 606, the lab-on-chip devicecomes into range of operating hardware. For example, referring to FIG.3, the courier 302 may position the lab-on-chip device 332 within theparticular range of the computing device 304.

At 608, the lab-on-chip device measures a concentration of volatilematerial that is off-gassed by the operating hardware. For example,referring to FIG. 3, the lab-on-chip device 332 detects the volatilematerial 346 (at approximately the second time 350) and determines ameasured volatile material concentration value of the volatile material346. At 610, the lab-on-chip device compares a measured concentration ofvolatile material to an expected concentration of volatile material. Forexample, the lab-on-chip device 332 compares the measured volatilematerial concentration value to the expected volatile materialconcentration value(s) 330 stored in the memory 334. As furtherdescribed herein with respect to FIG. 4, the value 406 (at time T_(N))may represent a volatile material concentration value that thelab-on-chip device 332 is expected to measure at the second time 150(when positioned within a particular range of the computing device 304).

FIG. 6 illustrates that the method 600 includes performing a first setof operations (e.g., enabling a system) when the volatile materialconcentration is as expected, at 612. For example, FIG. 3 illustratesthat, in some cases, the courier 302 may be transporting sensitiveinformation to be provided to the computing device 304. The lab-on-chipdevice 332 may provide an indication (e.g., audible, visual, or tactilefeedback) to the courier 302 in order to indicate to the courier 302that a result of the comparison indicates that the measuredconcentration is as expected. In some cases, the sensitive informationmay be stored in the memory 334 of the lab-on-chip device 332. In othercases, as illustrated in the example of FIG. 3, the courier 302 mayprovide sensitive data 354 to the computing device 304 (e.g., via akeyboard or other input device that is not shown in FIG. 3). Thesensitive data 354 may represent a predetermined “access key” to beprovided by the courier 302 in order to enable the computing device 304for operation at the second location 308.

FIG. 6 illustrates that the method 600 includes performing a second setof operations (e.g., disabling the system, erasing sensitive data, etc.)when the volatile material concentration is not as expected, at 614. Forexample, referring to FIG. 3, the lab-on-chip device 332 may provide anindication (e.g., audible, visual, or tactile feedback) to the courier302 in order to indicate to the courier 302 that the measuredconcentration does not match an expected concentration. In response, thecourier 302 may refrain from providing the sensitive data 354. In theparticular embodiment illustrated in FIG. 6, the method 600 furtherincludes erasing sensitive data when the volatile material concentrationis not as expected. To illustrate, in cases where the sensitive data 354is stored in the memory 334 of the lab-on-chip device 332, the sensitivedata 354 may be (automatically) rendered inaccessible or may be(automatically) removed/deleted from the memory 334. Further, while notillustrated in the example of FIG. 3, in the event that the sensitivedata 354 is pre-loaded into the memory 340 of the computing device 304(e.g., prior to being transported to the second location 308), thesensitive data 354 may be (automatically) rendered inaccessible or maybe (automatically) removed/deleted from the memory 340 when the measuredvolatile material concentration represents an unexpected material and/orconcentration.

Thus, FIG. 6 illustrates that hardware security may be enhanced bycomparing a measured volatile material concentration value to a volatilematerial concentration value that is expected to be measured within aparticular range of a computing device that is configured to off-gas thevolatile material. In the event that sensitive hardware componentsand/or sensitive data (e.g., commercial, industrial, or militarydevices) is intentionally or inadvertently obtained by an unauthorizedparty, the additional layer of security associated with hardware deviceverification may reduce a likelihood of an unauthorized party being ableto access sensitive information.

Referring to FIG. 7, an exemplary automated computing machineryincluding a computer 710 is shown. The computer 710 is an exemplaryimplementation of the computing device 104 of FIG. 1 or the computingdevice 304 of FIG. 3. The computer 710 includes at least one computerprocessor (CPU) 712 as well as main memory 714, a memory controller 716,and a non-volatile memory 718. The main memory 714 is connected througha memory bus 720 to the memory controller 716. The memory controller 720and the non-volatile memory 714 are connected through a memory bus 722and a bus adapter 724 to the processor 712 through a processor bus 726.

Stored at the memory 714 is an application 732 that may be a module ofuser-level computer program instructions for carrying out particulartasks (e.g., the control operations described with respect to the enablelogic component 144 and the disable logic component 146 of FIG. 1,etc.). Also stored at the main memory 714 is an operating system 732.Operating systems include, but are not limited to, UNIX® (a registeredtrademark of The Open Group), Linux® (a registered trademark of LinusTorvalds), Windows® (a registered trademark of Microsoft Corporation,Redmond, Wash., United States), AIX® (a registered trademark ofInternational Business Machines (IBM) Corp., Armonk, N.Y., UnitedStates) i5/OS® (a registered trademark of IBM Corp.), and others as willoccur to those of skill in the art. The operating system 732 and theapplication 730 in the example of FIG. 7 are shown in the main memory714, but components of the aforementioned software may also, or inaddition, be stored at non-volatile memory (e.g., on data storage, suchas illustrative data storage 740 and/or the non-volatile memory 718).

The computer 710 includes a disk drive adapter 742 coupled through anexpansion bus 744 and the bus adapter 724 to the processor 712 and othercomponents of the computer 710. The disk drive adapter 742 connectsnon-volatile data storage to the computer 710 in the form of the datastorage 740 and may be implemented, for example, using Integrated DriveElectronics (“IDE”) adapters, Small Computer System Interface (“SCSI”)adapters, Serial Attached SCSI (“SAS”) adapters, and others as willoccur to those of skill in the art. Non-volatile computer memory alsomay be implemented as an optical disk drive, electrically erasableprogrammable read-only memory (so-called “EEPROM” or “Flash” memory),RAM drives, and other devices, as will occur to those of skill in theart.

The computer 710 also includes one or more input/output (“I/O”) adapters746 that implement user-oriented input/output through, for example,software drivers and computer hardware for controlling input and outputto and from user input devices 748, such as keyboards and mice. Inaddition, the computer 710 includes a communications adapter 750 fordata communications with a data communications network 752. The datacommunications may be carried out serially through Recommended Standard232 (RS-232) connections (sometimes referred to as “serial”connections), through external buses such as a Universal Serial Bus(“USB”), through data communications networks such as internet protocol(IP) data communications networks, and in other ways as will occur tothose of skill in the art. The communications adapter 750 implements thehardware level of data communications through which one computer sendsdata communications to another computer, directly or through a datacommunications network. Examples of the communications adapter 750suitable to use in the computer 710 include, but are not limited to,modems for wired dial-up communications, Ethernet (Institute ofElectrical and Electronics Engineers (IEEE) 802.3) adapters for wirednetwork communications, and IEEE 802.11 adapters for wireless networkcommunications. The computer 710 also includes a display adapter 754that facilitates data communication between the bus adapter 724 and adisplay device 756, enabling the application 730 to visually presentoutput on the display device 756.

Particular embodiments described herein may take the form of an entirelyhardware embodiment, an entirely software embodiment, or an embodimentcontaining both hardware and software elements. In a particularembodiment, the disclosed methods are implemented in software that isembedded in processor readable storage medium and executed by aprocessor that includes but is not limited to firmware, residentsoftware, microcode, etc.

Further, embodiments of the present disclosure, may take the form of acomputer program product accessible from a computer-usable orcomputer-readable storage medium providing program code for use by or inconnection with a computer or any instruction execution system. For thepurposes of this description, a computer-usable or computer-readablestorage medium can be any apparatus that can tangibly embody a computerprogram and that can contain, store, communicate, propagate, ortransport the program for use by or in connection with the instructionexecution system, apparatus, or device.

In various embodiments, the medium can include an electronic, magnetic,optical, electromagnetic, infrared, or semiconductor system (orapparatus or device) or a propagation medium. Examples of acomputer-readable storage medium include a semiconductor or solid statememory, magnetic tape, a removable computer diskette, a random accessmemory (RAM), a read-only memory (ROM), a rigid magnetic disk and anoptical disk. Current examples of optical disks include compactdisk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) anddigital versatile disk (DVD).

A data processing system suitable for storing and/or executing programcode may include at least one processor coupled directly or indirectlyto memory elements through a system bus. The memory elements can includelocal memory employed during actual execution of the program code, bulkstorage, and cache memories that may provide temporary or more permanentstorage of at least some program code in order to reduce the number oftimes code must be retrieved from bulk storage during execution.

Input/output or I/O devices (including but not limited to keyboards,displays, pointing devices, etc.) can be coupled to the data processingsystem either directly or through intervening I/O controllers. Networkadapters may also be coupled to the data processing system to enable thedata processing system to become coupled to other data processingsystems or remote printers or storage devices through interveningprivate or public networks. Modems, cable modems, and Ethernet cards arejust a few of the currently available types of network adapters.

The previous description of the disclosed embodiments is provided toenable any person skilled in the art to make or use the disclosedembodiments. Various modifications to these embodiments will be readilyapparent to those skilled in the art, and the generic principles definedherein may be applied to other embodiments without departing from thescope of the disclosure. Thus, the present disclosure is not intended tobe limited to the embodiments shown herein but is to be accorded thewidest scope possible consistent with the principles and features asdefined by the following claims.

The invention claimed is:
 1. A method of identity verification, themethod comprising: positioning a lab-on-chip device within apredetermined range of a computing device; off-gassing a volatilecompound from the computing device to the lab-on-chip device, whereinthe computing device is configured to control an off-gassing rate of thevolatile compound; verifying the computing device at the lab-on-chipdevice using the off-gassed volatile compound off-gassed from thecomputing device; receiving an expected biological sample value at thecomputing device or the lab-on-chip device in response to theverification, wherein the expected biological sample value indicates anexpected concentration of a material biologically processed by acourier; determining, at the computing device, whether a measuredbiological sample value is associated with the courier based on acomparison of the expected biological sample value to the measuredbiological sample value; and determining, at the computing device, aparticular set of operations to be performed based on a result of thecomparison.
 2. The method of claim 1, wherein the expected biologicalsample value is determined based on a metabolic profile associated withthe courier.
 3. The method of claim 1, further comprising performing theset of operations based on the result of the comparison indicating thatthe measured biological sample value is associated with the courier. 4.The method of claim 3, wherein the set of operations includes providingthe courier with access to particular data.
 5. The method of claim 1,further comprising performing a second set of operations based on theresult of the comparison indicating that the measured biological samplevalue is outside an acceptable range of the expected biological samplevalue.
 6. The method of claim 5, wherein the second set of operationsincludes preventing access to particular data.
 7. The method of claim 5,wherein the second set of operations includes deleting particular data.8. The method of claim 1, wherein material is administered to thecourier at a first time, and wherein the expected biological samplevalue indicates the expected concentration of the material at a secondtime.
 9. The method of claim 8, wherein the material is administered tothe courier at the first time at a first location, and wherein themeasured biological sample value is measured at the second time at asecond location.
 10. The method of claim 8, wherein the measuredbiological sample value is measured at the second time by thelab-on-chip device.
 11. The method of claim 8, wherein the materialincludes glucose, asparagusic acid, erythropoietin (EPO), a medicalradioisotope, or a combination thereof.
 12. The method of claim 1,wherein the measured biological sample value is determined by a bloodanalysis component, a urinalysis component, or a breathalyzer device.13. The method of claim 1, wherein the volatile compound includes atleast one of formaldehyde, d-Limonene, toluene, acetone, ethanol (ethylalcohol), 2-propanol (isopropyl alcohol), and hexanol.